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Abstract: The security of quantum key distribution relies on the validity 
of quantum mechanics as a description of nature and on the non-existence 
of leaky degrees of freedom in the practical implementations. We experi- 
mentally demonstrate how, in some implementations, timing information 
revealed during public discussion between the communicating parties can 
be used by an eavesdropper to undetectably access a significant portion of 
the "secret" key. 
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1. Introduction 

Theoretical proofs of the security of quantum key distribution (QKD), are a well developed 
subfield in quantum communication research (see HI), both in highly idealized J5] [3] and more 
realistic scenarios |4|. By construction, these proofs assume that the legitimate parties measure- 
ment results are isolated from the environment and thus from an eavesdropper. Comparatively 
little work has been done studying the possible physical side channels associated with particu- 
larities of the physical devices used (5][6) or possible attacks based on the external manipulation 
of the expected response of the apparatus fTl [8l l9l ITOl . 

All photon-counting implementations of QKD identify a signal photon from background by 
measurement of the arrival time at detectors. In an ideal scenario, there can be no correlation be- 
tween the measurement outcome on the quantum variable (e.g. polarization in the original BB84 
proposal), and this publicly exchanged timing information. However, in a recent entanglement 
based QKD implementation, a pulsed down-conversion source provided photon pairs with a 
well-defined timing signature j 1 Q. For photon identification, timing information was recorded 
with a high resolution and communicated to the other side (similar scheme as in 151 [T3[T^ [1411 ). 
We show that there may be an exploitable correlation between the exchanged timing informa- 
tion and the measurement results in the quantum channel. 

2. Time response analysis 

A configuration implementing the detection scheme just described is shown in Fig. [T] An in- 
coming photon is randomly directed by a beam splitter towards two possible polarizing beam 
splitters each of which performs a measurement in one basis (H /V or 45°/ —45°). Finally, there 
are four possible outcomes of the measurement (two bits of information) of which one bit will 
be made public. The remaining bit is the raw material for generating the secret key and must be 
kept secret. Although the optical distance from the entrance of the module to the four detectors 
differs by less than 1 mm, there is a measurable difference in the timing of the electronic signal 
from the different possibilities. In order to determine the timing differences between the four 
single photon detectors, we used an attenuated fraction of a pulse train emitted by a TkSapphire 
femtosecond laser as a light source (see Fig. [2j. Single photon detectors consisted of Silicon 
Avalanche Photodiodes (type C30902S, Perkin-Elmer), operated in a passively quenched con- 
figuration. The breakdown of the avalanche region was converted into a digital pulse signal by 
a high speed comparator, registering a voltage drop over the measurement resistor Rm = 100 £2 
of 150 mV, which has to be compared to a maximal voltage drop across Rm of about 700 mV. 
The distribution of peak amplitudes for the breakdown signal exhibits a spread below 10% for 
photodetector event rates of 5000-6000 s~ 1 , and the pulse duration before the comparator is on 
the order of 2 ns. 

We obtained the timing distribution with an oscilloscope sampling at 20 GS/s, by interpolat- 
ing the time when the comparator output passed through the 50% value between the two logical 
levels. Time reference is a trigger signal supplied by a MSM Schottky reference photodiode 
(G7096-03, Hamamatsu) looking at another fraction of the optical pulse train. The timing jitter 
of 1 Ops (FWHM) we observe between consecutive pulses from the mode-locked laser gives an 
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Fig. 1. A typical configuration of photocounting detectors for quantum key distribution. 
A beam splitter (BS), polarizing beam splitters (PBS) and a half wave plate (A/2), divert 
incoming photons onto a set of detectors, which generate a macroscopic timing signal. 
This timing information and e.g. a projection basis is revealed publicly, while information 
on which detector out of two absorbed a photon is the secret used to subsequently generate 
a key. 




Fig. 2. Experimental set-up to characterize the timing jitter of a single photon detector. A 
train of ultrashort light pulses from a mode-locked TkSapphire laser is sent with strong at- 
tenuation into a passively quenched Si avalanche photodiode (APD). A histogram of timing 
differences (TDH) with respect to the signal of a trigger photodidode (TD) is recorded. 



upper bound for the total timing uncertainty. The resulting timing histograms of the different 
detectors (Fig. [3]) show a clearly different centroid location with respect to the trigger pulse. 
We model the observed distribution with a convolution product of an exponential decay and a 
Gaussian distribution, 

ddt) = — e -e^erfcf — - ) (1) 

The fit values for the temporal offset to and the exponential and Gaussian decay constants T e , Xq 
for the four detectors i = 1,2,3,4 are summarized in table [T] While the difference between T e 
and Tg differ maximally by 38 ps and 20 ps, respectively, the time offsets to can differ up to 
240 ps between detectors 2 and 4. The physical origin of this difference could be attributed to 
differences in the electrical delays for the different detectors on the order of a few cm on the 
circuit board layouts, and to different absolute pulse heights of the detected breakdown currents 
due to different parasitic capacities for the different diodes. 
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Fig. 3. Photoevent timing histograms for the four detectors involved in a quantum key 
distribution receiver. While the general shape of the distributions is similar, there is a dis- 
tinction in the response time visible for detectors 1 and 4 with respect to detectors 2 and 3, 
which, if not compensated, can be exploited by an eavesdropper to gain knowledge about 
the measurement result. The solid lines represent a fit to the model in equationQ] 



Table 1 . Extracted model parameters for the time distributions of the different photodetec- 
tors with their statistical uncertainties. 



Detector ; 


to (ps) 


x e (ps) 


Tg (ps) 


1 


1138 ±7 


395 ±7 


288 ±4 


2 


1356±6 


433 ±7 


279 ±4 


3 


1248 ±4 


409 ±5 


292 ±3 


4 


1117 ±7 


415±7 


302 ±4 



3. Information extraction 

An eavesdropper can exploit these differences in the detector responses dj, and obtain informa- 
tion on the secret key by listening in the publicly communicated detection times. The knowl- 
edge in principle attainable by the eavesdropper is quantified by the mutual information I(X; T) 
between the time distribution of detector clicks (publicly revealed) and the bits composing the 
secret key: 

I(X;T)=H(X)+H(T)-H(X,T) (2) 
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Fig. 4. Eavesdropper's information on the secret bit as a function of delay Afy between 
detector timing distributions with identical shapes. The three curves represent different 
levels of discretization of the data. The top curve corresponds to the continuous distribution 
and the subsequent are for 0.5 ns and 1 ns time bins. As expected, with an increasing time 
bin there is less information available for the eavesdropper. For Afo as small as 0.5 ns the 
eavesdropper will gain access to more than a quarter of the "secret key". 

There, X represents the distribution of logical and 1, and T is the distribution of detection 
times. The entropies and joint entropies of the distributions are given by 

H(T) = - j d(t)\og 2 [d(t)]dt 
H(X) = -J>°(*)log 2 [p°(*)] 

A" 

H(X,T) = -£ f p{x,t)\og 2 [p{x,t)]dt 

= -Z[p°(x)dxWog 2 \p (x)d x (t)]<it 

where d{t) = Y, x p° (x)d x (t) is the probability of a click occurring at time t for the ensemble of 
detectors, and d x (t) the probabilities of a click at a particular time t for a detector corresponding 
to logical value 16 {0, 1 }. In most protocols, the prior distribution of logical values is balanced 
such that p°(0)=p°(l)=0.5. 

If we bin the detector results in the manner most favorable to the eavesdropper by assigning 
detectors (1,2) to one basis, (3,4) to the other basis, and taking detectors groups (1,3) and (2, 
4) to represent and 1, the average extractable information is 3.8 ±0.38%. It is worth consid- 
ering in detail how the distinguishability of the distributions comes about, and how quickly the 
eavesdropper knowledge of the key changes. Figure |4] shows the eavesdropper's knowledge of 
the secret bit for two distributions do(t),d\(t) with the same x e = 400 ps, Xq = 290 ps, but with 
different relative delays Afo- Detectors that are uncompensated by as little as Afo = 500ps will 
give the eavesdropper access to more than 25% of the "secret" key. Since a small relative delay 
is not visible in the usual experimental setups which employ coincidence windows between 1 
and 20 ns lfT2l IT3l fT31 IT4l . it requires an additional effort to make sure that this leakage channel 
is closed. 

The solution to this particular side channel is not complex, the timing information should 



be characterized and the delays equalized, randomized or the precision truncated such that the 
potential information leakage is below a certain threshold. Quantum cryptography protocols can 
then deal with this in the same way they deal with errors, by applying an appropriate amount 
of privacy amplification lfl6l . In every real experiment the timing information is communicated 
with a finite precision that could be adjusted for this purpose. Figure 4 shows the effect of 
discretizing the time information into 0.5 ns and 1 ns time bins (a typical experimental value 
of w 150 ps gives a negligible difference with the continuous distribution). As expected, the 
eavesdropper's information is reduced as the bin width increases. Somewhat counterintuitively 
there is still a strong leakage even at bin sizes comparable to the width of the distribution 
d(t); furthermore there is a penalty in the form of increased background. For our particular 
device, the main distinguishing feature is the time offset. If this is compensated for (i.e. made 
identical for all detectors), and applying the same procedure as before to obtain the leakage to 
an eavesdropper given the probability distributions, we find the leakage to be around 0.3%. 

It is reasonable to ask whether this problem affects "prepare and measure" protocols as well. 
A typical BB84 QKD system based on weak coherent pulses has a synchronous operation, and 
the detector side will locally determine whether the detected event falls in the right part of the 
timing frame to be counted as genuine. This binary decision will not provide information to 
the eavesdropper from the detector side. However, the problem has just been displaced from 
the detectors to the emitters: if the states to be sent are prepared by different physical devices, 
their temporal response needs to be charaterized, and the possible information leakage should 
be evaluated with a similar analysis. 

4. Conclusions 

Quantum cryptography is slowly leaving the purely academic environment and starting to ap- 
pear in commercial products 1171 . The theoretical aspects of its security are a very active re- 
search area but comparatively little has been done in terms of scrutinizing the practical systems. 
However, there is increasing interest in looking at the side channels arising from the physical re- 
alization in practical systems (see recent work by Zhao et al. 1101 for an attack on a commercial 
product based on a proposal by Makarov et al. (8|). We have shown here how some of the infor- 
mation publicly revealed by the communicating parties in reasonable mature implementations, 
may lead to a large proportion of the key becoming insecure. 
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